Re: NSE PJL proof of concept

[David Fifield <david () bamsoftware com>]

On Fri, Jul 10, 2009 at 08:25:09AM -0700, Aaron Leininger wrote:
> A few months back, there was a discussion on list about HP printers
> and detection using nmap. It came up in the discussion that HP
> LaserJets allow a lot of access w/o any password protection. As a way
> to try and figure out how to do some simple things using NSE, I have
> tried to write a proof of concept script that will alter the display
> message on a LaserJet. The PJL command to do this is very simple. You
> can telnet into port 9100 on a LaserJet and issue: @PJL RDYMSG DISPLAY
> = "Test Message" and the words TEST MESSAGE will show on the printer's
> display immediately. 
>
> I have an NSE script that appears to run and send the correct string
> to the printer but the display does not change. I am hoping one of you
> gurus can help me along and tell me what I am doing wrong or missing.
> Below is my code and the output generated by nmap when run w/
> script-trace enabled. I am using nmap4.85beta10 on SuSe linux. 
>
> action = function(host, port)
>     local rdymsg="@PJL RDYMSG DISPLAY = \"Test Message\""
>     local socket = nmap.new_socket()
>     socket:set_timeout(1000)
>     try = nmap.new_try(function() socket:close() end)
>     try(socket:connect(host.ip, port.number))
>     try(socket:send(rdymsg))
>     socket:close()
>     return(rdymsg)    
> end

Maybe rdymsg needs a \n or \r\n at the end?

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org